"force group" with no effect on BSD

Jiri Lazansky lazan at labe.felk.cvut.cz
Fri Apr 13 08:09:57 GMT 2001 

Hello Jerry,

thanks for your prompt reaction to my yesterday posting.

> > [PC-tmp]
> >         path = /usr/pc.tmp
> >         force user = %U
>           ^^^^^^^^^^^^^^^
> This line is a little silly :-)
YES, this line IS silly, I was experimenting a lot with the configuration 
and this is the relics.
> 
> >         force group = nobody
> Have you tried a group other than 'nobody'?  or does the BSD filesystem
> enfore some type of sticky bit like behavior?
I have experimented with many UNIX groups at this place with no difference. 
I have tried groups where the logging-in user is primary member, secondary 
member or no member, but nothing helps. I have even tried the +group version.

The motivation of my effort is as follows: 
I have Win users working on different projects. They are assigned to UNIX 
primary groups according to these projects. I want to allow the use the 
'PC-tmp' share for file exchange so that users of different groups don't 
garble other's work. Actually, I want:
    create mask = 0660
    directory mask = 0770  

Up to now, we are using an old SUN Sparc running SunOS 4.1.4 (based on BSD 4.3)
as our server providing smb service by Samba 1.9.18p8 where everything worked
as desired. 
FreeBSD-4.2 that I am experimenting now is a BSD 4.4 based system. On this 
system creating new files (and directories) is done by open(2) with options 
containing O_CREAT flag. These new objects are owned by the current user and 
the group ownership is that of the containing directory. To change this 
default chown(2) must be called.

Samba documentation states (smb.conf(5) - force group): ... This allows an 
administrator to decide that only users who are already in a particular 
group will create files with group ownership set to that group. ...

Having checked the log files on a higher debug level, I found that Samba 
doesn't even try to call chown()... SO I SUSPECT A BUG!

Best regards

Jiri Lazansky
Czech Technical University Prague
Faculty of Electrical Engineering
Department of Cybernetics
< lazan at labe.felk.cvut.cz >


----- Original Message ----- 
From: "Gerald Carter" <gcarter at valinux.com>
To: "Jiri Lazansky" <lazan at labe.felk.cvut.cz>
Cc: <samba-technical at lists.samba.org>
Sent: 12. dubna 2001 19:06
Subject: Re: "force group" with no effect on BSD 


> On Thu, 12 Apr 2001, Jiri Lazansky wrote:
> 
> > [PC-tmp]
> >         path = /usr/pc.tmp
> >         force user = %U
>           ^^^^^^^^^^^^^^^
> This line is a little silly :-)
> 
> >         force group = nobody
> >         writeable = Yes
> >         create mask = 0664
> >         force directory mode = 775
> >         dos filetimes = Yes
> >
> > UNIX 'ls -la' command in /usr/pc.tmp says:
> >
> > drwxrwxrwx   4 root   wheel   512 Apr 12 18:21 ./
> > drwxr-xr-x  19 root   wheel   512 Feb 22 18:07 ../
> >
> > My clients can access this share without any problems, the log file
> > seems good, showing "effective(1000, 65534)" for the connected user -
> > gid 65534=nobody. However, any object created on this share has proper
> > user ownership but the group owner is always "wheel"
> 
> Have you tried a group other than 'nobody'?  or does the BSD filesystem
> enfore some type of sticky bit like behavior?
> 
> 
> Cheers, jerry
> ----------------------------------------------------------------------
>    /\  Gerald (Jerry) Carter                     Professional Services
>  \/    http://www.valinux.com/  VA Linux Systems   gcarter at valinux.com
>        http://www.samba.org/       SAMBA Team          jerry at samba.org
>        http://www.plainjoe.org/                     jerry at plainjoe.org
> 
>        "...a hundred billion castaways looking for a home."
>                                 - Sting "Message in a Bottle" ( 1979 )
> 
>

More information about the samba-technical mailing list